ISSUE-194
SizeMatters
Window sizing a must
- State:
- CLOSED
- Product:
- wsc-xit
- Raised by:
- Mary Ellen Zurko
- Opened on:
- 2008-04-25
- Description:
- http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#Robustness
Change SHOULD's to MUSTs in the following:
Web user agents SHOULD restrict window sizing and moving operations
consistent with 7.1.2 Keep Security Chrome Visible. This prevents attacks
wherein browser chrome is obscured by moving it off the edges of the
visible screen.
Web user agents SHOULD NOT allow web content to open new windows with the
browser's security UI hidden. Allowing this operation facilitates
picture-in-picture attacks, where artificial chrome (usually indicating a
positive security state) is supplied by the web content in place of the
hidden UI.
- Related Actions Items:
ACTION-436 on Anil Saldhana to Update section 7.4.1 with the proposed text - due 2008-05-20, closed- Related emails:
- Meeting record: 2008-05-13 (from tlr@w3.org on 2008-06-06)
- WSC WG f2f May 2008 Agenda (v 1.1) (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-05-09)
- WSC WG f2f May 2008 Agenda (v 1.0) (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-05-02)
- Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-04-30 (from tlr@w3.org on 2008-04-29)
- Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-04-30 (from egelman@cs.cmu.edu on 2008-04-29)
- Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-04-30 (from maritzaj@cs.columbia.edu on 2008-04-29)
- Agenda: WSC WG distributed meeting, Wednesday, 2008-04-30 (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-04-29)
- ISSUE-194 (SizeMatters): Window sizing a must [wsc-xit] (from sysbot+tracker@w3.org on 2008-04-25)
Related notes:
Related action is closed.
Anil Saldhana, 27 May 2008, 18:28:36Display change log